You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Saurabh Lambe (JIRA)" <ji...@apache.org> on 2019/04/15 11:46:00 UTC
[jira] [Created] (AMBARI-25247) CLONE - Ambari audit log shows
"null" user when executing an API call as admin - Ambari 2.7.3
Saurabh Lambe created AMBARI-25247:
--------------------------------------
Summary: CLONE - Ambari audit log shows "null" user when executing an API call as admin - Ambari 2.7.3
Key: AMBARI-25247
URL: https://issues.apache.org/jira/browse/AMBARI-25247
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.7.3
Environment: RHEL 7.x
Reporter: Saurabh Lambe
Assignee: Krisztian Kasa
Fix For: 2.7.4
When running a simple REST API call from CLI, I could see two entries in ambari-audit.log file.
Following is my API call:
{{curl -k -i -u admin:<passwd> -H "X-Requested-By: ambari" -X GET [http://<ambari-host>:8080/api/v1/clusters|http://saurabh-ambari:8080/api/v1/clusters]}}
Following are the 2 entries in ambari-audit.log:
{quote}2019-04-08T10:19:04.991Z, User(null), RemoteIp(x.x.x.x), Operation(User login), Roles(
), Status(Failed), Reason(Authentication required), Consecutive failures(UNKNOWN USER)
2019-04-08T10:19:04.999Z, User(admin), RemoteIp(x.x.x.x), Operation(User login), Roles(
Ambari: Ambari Administrator
), Status(Success)
{quote}
The second line seems to be valid. However, the first line (with the null user) shouldn't be there.
Note: I'm not sure if it helps, but the cluster is Kerberized and Knox isn't involved.
Edit: This issue could be seen on both Ambari 2.5.2 and 2.7.3. Also, 2.5.2 version cluster is Kerberized, the 2.7.3 version is NOT Kerberized.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)